Adware/Cdnhelper
Analysis
This Adware is also known as a "browser helper object" (BHO). It loads as an add-on to the Internet browser Internet Explorer. Commonly this BHO will be stored on the system in this path and file name -
C:\Program Files\CNNIC\Cdn\cdniehlp.dll
The BHO is installed via a .CAB file from a web site hosted in China. The BHO provides advertisement delivery to the web surfing experience.
Recommended Action
- check the main screen using the web interface to
ensure the latest AV/NIDS database has been downloaded
and installed -- if required, enable the "Allow
Push Update" option
FortiGate systems:
Telemetry
Detection Availability
FortiClient | |
---|---|
Extreme | |
FortiMail | |
Extreme | |
FortiSandbox | |
Extreme | |
FortiWeb | |
Extreme | |
Web Application Firewall | |
Extreme | |
FortiIsolator | |
Extreme | |
FortiDeceptor | |
Extreme | |
FortiEDR |